RHSA-2010:0533: Moderate: pcsc-lite security update
First published: Wed Jul 14 2010(Updated: )
PC/SC Lite provides a Windows SCard compatible interface for communicating<br>with smart cards, smart card readers, and other security tokens.<br>Multiple buffer overflow flaws were discovered in the way the pcscd daemon,<br>a resource manager that coordinates communications with smart card readers<br>and smart cards connected to the system, handled client requests. A local<br>user could create a specially-crafted request that would cause the pcscd<br>daemon to crash or, possibly, execute arbitrary code. (CVE-2010-0407,<br>CVE-2009-4901)<br>Users of pcsc-lite should upgrade to these updated packages, which contain<br>a backported patch to correct these issues. After installing this update,<br>the pcscd daemon will be restarted automatically.<br>
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/pcsc-lite | <1.4.4-4.el5_5 | 1.4.4-4.el5_5 |
| redhat/pcsc-lite | <1.4.4-4.el5_5 | 1.4.4-4.el5_5 |
| redhat/pcsc-lite-devel | <1.4.4-4.el5_5 | 1.4.4-4.el5_5 |
| redhat/pcsc-lite-devel | <1.4.4-4.el5_5 | 1.4.4-4.el5_5 |
| redhat/pcsc-lite-doc | <1.4.4-4.el5_5 | 1.4.4-4.el5_5 |
| redhat/pcsc-lite-libs | <1.4.4-4.el5_5 | 1.4.4-4.el5_5 |
| redhat/pcsc-lite-libs | <1.4.4-4.el5_5 | 1.4.4-4.el5_5 |
| redhat/pcsc-lite-doc | <1.4.4-4.el5_5 | 1.4.4-4.el5_5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/title
- agent/type
- agent/weakness
- collector/redhat-errata
- source/Red Hat
- anchor-id/RHSA-2010:0533
- agent/software-canonical-lookup
- package-manager/redhat